A Better Way To Handle Passwords

We all know we’re not supposed to re-use passwords. Password security is tricky. We have heard the security experts telling us for years that it is dangerous to use the same password for multiple websites or accounts. Once a hacker gets your password from one site, the logic goes, they have your password everywhere.

But we all do it anyway. It was reasonable advice to give back when you had a secure password to your computer, your email, and maybe your bank. But with the cloud proliferating, we can easily have dozens or even hundreds of accounts. It’s like exercising every day and not eating sugar. We all know it’s a good idea, but we all know we’re not going to do it.

Password Managers: A better way to handle passwords

Here’s a novel idea: let technology fix the problem that technology has caused. Computers are really great at remembering things, even hundreds of passwords – you can use your own to strengthen your password security! How?

Password managers give you the best of both worlds: One secure password gets you into all your websites, and all of your websites have different passwords!

Here’s how it works. You install a piece of software on your computer and give it a strong “master” password. Then, when you sign up for a new website, it will see what you’re doing and ask, “would you like me to remember this password for you?” It can even generate secure passwords for you so you don’t have to think about it. Once you have everything set up, you’ll only ever need to remember two passwords, one for your computer and one for your password manager.

Our Suggestion for Password Security

There are a lot of good password managers out there, but we are going to recommend LastPass. It is very secure, easy to install, easy to use, and free! (They also have a paid version with advanced features.)

Plus, everything is stored securely in the cloud. This means you can safely sync all of your passwords across all your computers and mobile devices—Windows, Mac, Linux, iPhone, iPad, Android phones and tablets, even Blackberry.

The security-conscious among us understand it’s hard to trust whether a company is telling you the truth about their security. LastPass let a well-respected independent auditor examine their code, and he gives it a thumbs up!

LastPass double- and triple-encrypts everything while it is on your computer, including your master password, before passing it all up to the cloud. This way, no one from the company has any way to access your passwords.

How To Start

Getting started with the LastPass password manager is easy: go to the website and install it. It will ask you for a username and password. Then, just open your preferred internet browser like normal. As you enter passwords, LastPass will offer to save them for you. When it alerts you of a website that has the same password as another, just change this as it comes up. It’s that easy!

How to Hire an IT Consultant

The Big Secrets: Want to know the big secret about how to hire an IT consultant?  Here it is:  Everybody can fix computers.  It’s true.  Anyone with the slightest talent for technology can be trained as a competent IT technician.

Lean in a little bit and I’ll let you in on big secret number two.  Ready?  All IT companies can fix computer problems equally as well.  Unless you are in the 0.5% of all companies out there that truly have a unique computer problem no one has seen, all tech support vendors will be able to fix your problems.

What does this mean for you?  When you are comparing IT companies to hire, don’t listen to them tell you they will fix your problems better than the competitor or your current vendor.  True, there are some actually bad and unskilled tech support providers out there, but you won’t be able pick them out of the crowd.  Just assume that when you call up any IT company with problem x, they will all be able to fix it.

Learn How to Hire an IT Consultant

The Real Differentiators: There are really only 3 ways that IT support companies differ from each other, which you should take into consideration when deciding how to hire an IT consultant:

  1. How they treat you: How they treat you is crucial. You don’t want to rely on Nick Burns to fix your computers.  Ask to call in to the tech support desk on a test call to see how they are.  Ask about their mission and company values and how they attract good people.  A tech consulting company’s hiring process will tell you a lot about the friendliness of the staff.
  2. How they ensure all their clients get good results: References from current clients are great, but has everyone ever given you a bad reference?  No.  The question is not whether they have some happy customers.  The question is how do they ensure their entire client base receives the same results as their favorite clients and references.  “We’re really good,” isn’t a good enough answer.  If they don’t have clearly defined processes and systems in place to ensure these results, they can’t guarantee them across the board.
  3. Knowledge and skill of employees:  As big as this one sounds, it is the least important of all differentiators.  What happens when the genius that used to take care of you gets hired by Google?  Who will replace him?  If that question worries you, then go back to #2 and ask that question again.

So don’t let the sales guy tell you that they can fix computers better than the other guys because they have smart employees, they’ve been doing it a long time, and they’ll assign you the best tech.  This is a recipe for disaster. Similarly, if you are unhappy with the tech consulting company you currently employ, “we will do better” isn’t a very good response when you ask them about the problem.  If they could really do better, why haven’t they already?

What To Ask An IT Company – Before You Pay

Here are some other questions to keep in mind when interviewing an IT support company, in no particular order.

  • Do you track your support metrics? Will you share averages with us?  This is a great way to compare claims of competence against competitors.  IT is a very measurable industry.  If they aren’t tracking these metrics, how can they know how to improve?
  • Do you use automatic remote monitoring tools? I hate asking this because it should be universal.  If they say no, run away.
  • Aside from installing a few tools, what do you do that is really proactive? If they claim to provide proactive tech support, make them back up their claims.
  • Let’s just assume you can fix my problems after they occur.  How are you going to keep them from happening in the first place?  Same as the last question, stated a different way.
  • What will you do to get to know us specifically as a client and how our business works? Even if they have a lot of clients, they should be able to give you advice and guidance customized for your particular needs.  Make sure they know how to do this.
  • Do you have a technology steering process?  You want to know your technology will be kept up to date, but you also don’t want to be “sold” on the latest fad.  Make sure they have a well defined, intentional way of providing solid advice. Will they steer your technology over time.
  • Are there multiple plans to select from? If so, are some missing key ingredients? This is a red flag of an inferior level of service.  Saving the money isn’t worth it, and neither is working with an IT support company that is willing to offer such a service to its customers.
  • Are they significantly less expensive than others? This is another red flag.  It costs a certain amount of money to provide quality IT support.  If some companies are significantly less than others, then they are not offering the same service. Or they are cutting corners somewhere.

What To Do Next

If you are unsure about how to proceed with an tech consulting company interview, please get in touch with us.  Yes, we understand how self serving it sounds to ask an IT company how to hire an IT consultant, but take a look at our mission and values.  We aren’t just in the business of technology consulting, we’re in the business of making people’s lives better.  If we can help out with some advice or to provide an honest counter proposal, we would be happy to do so.

How to Avoid Computer Viruses – Part 2

Note: This is the second in a 2 part series on how to avoid computer viruses and malware.
Read Part 1 here.

The One Way to Get a Computer Virus

There is only one way your computer can get a virus: by running a bad program.  It’s not browsing websites or opening email attachments that will give you the virus, but doing these things can launch that bad program behind your back. The following list describes how you can start avoiding computer viruses and keep your data information safe.

[box] “There is only one way your computer can get a virus: by running a bad program.”[/box]

 

4 Techniques to Avoid Computer Viruses:

1. Read links – The best way to avoid computer viruses is to keep them from getting on your computer in the first place.  Hover over a link before you click on it and see where you are going.  See Part 1 in this series for more information on this crucial first step of virus protection.

The same applies for popup warnings on websites.  If you don’t know what the message means, or aren’t expecting it, don’t click “Yes.”

2. Good Virus Protection Software – You need good antivirus software on your computer.  This is essential.  We recommend Kaspersky Antivirus: we install it on our clients’ computers because of its effectiveness and minimal impact on performance.  In our experience, Norton and Symantec products have a negative impact on performance and we do not recommend them.  See the AV Comparatives website for a comparison of many AV products out there.

You should also have good anti malware software.  While many traditional AV programs offer anti malware features, most are not as good as MalwareBytes, the product we currently use.  You would think AV software would catch it all, but it doesn’t appear to work out that way.

We also offer our clients a third layer of protection, which is filtering website traffic before it comes into the network, thereby blocking known bad pages.

3. Keep everything up to date – Virus writers look for known security holes and exploit them.  The easiest way to prevent this is not to have security holes.  Do this by keeping all of your software up to date, especially Windows, Adobe Flash player, Java, and all of your web browsers.

Having said that, remember that sometimes having the latest and greatest introduces incompatibilities.  Internet Explorer fixes security problems with new releases, but also breaks certain websites, so this is a balancing act.

4. Beware email attachments – While it is possible to get infected from a virus merely by receiving a bad email, these are exceedingly rare.  Far more common is receiving an infected attachment and opening it.  First of all, all of your email should be filtered by at least one spam filtering service.  Second of all, don’t open any attachment you aren’t expecting.

If someone sends you something out of the blue that doesn’t make sense, that you didn’t ask for, or that’s out of character, don’t open it.  Reply back and ask if it’s legitimate.  If they say it is, and you know the person, then go ahead and open it.  If not, they’ll probably appreciate that you just let them know they are infected.  Then send them this article so they can be as clean and well informed as you are!

Virus protection is an essential component of your system’s functionality. If you or your business needs help implementing a professional security protection system to help avoid computer viruses, please contact us!

How to Avoid Computer Viruses – Part 1

Note: This is the first in a 2 part series on how to avoid computer viruses and malware.  Read the second part here.

 

 

The Best Way to Avoid Computer Viruses

Forget antivirus software – use this simple technique below to avoid computer viruses before they ever infect your computer. The best way to avoid viruses is to know which website and email links are dangerous, and not to click on them.  Below are the steps to make virus protection simple.

 

Step 1: Hover Over the Link in Question

Hold the mouse over the link and don’t click on it.  You will see the website link you are about to click on, either at the bottom of the screen or in a popup next to the mouse.

Step 2: Look at the Domain

Here is the big secret of looking at website links: ignore the http:// part, and look at the two words before the first slash.

For example, look at the link http://www.google.com/search?q=look+for+stuff. The two words before the first slash are google.com.  This tells you you’re going to Google.  Now look at the image to the right (click on it to enlarge).  The mouse is hovered over the link that claims to be http://www.BankOfAmerica.com, but the popup shows the actual site to be: http://www.bankofamerica.com.hack.com/ThisIsAHackedWebsite/YouAreNowInfected.htm.  If you look at the two words before the first slash, you will see is is actually going to hack.com.  You don’t trust hack.com, so you don’t click the link.

The simple steps highlighted above are crucial for virus protection. Follow these two steps whenever you are clicking on a link from an unexpected email or mistrusted website, and you will take a huge step toward never getting a virus again.

International Note: This trick works if you are in the US, where most domains in .com.  If you are in, for instance, the UK where domains end in .co.uk, then look for the 3 words before the first slash.

5 Steps to Avoid Credit Card Breaches

The Problem With Credit Card Breaches

As it turns out, credit card security is not something the tech industry has completely figured out. We have all heard about the stolen data and credit card numbers at Target, Neiman Marcus, and most recently Home Depot.  Credit card breaches affected over 70 million customers.

What is less well known is how this breach actually happened.  The answer: spyware caused the data breaches. In fact, the same malware caused both the Target and Home Depot breaches.

Most people think of viruses and malware these days as just causing popups and slowing down computers.  But they can do anything.  In this case, malware programs such as Backoff, BlackPOS, and Kaptoxa are designed to steal credit card data.  Computers infected with this malware read the credit cards as they’re being swiped and send the customer’s info to the malware owners. These people then sell it on the black market. This leads directly to huge amounts of credit card fraud.

[box] Malware is responsible for data and credit card breaches. Small businesses are just as susceptible to this problem as large businesses. If your business swipes credit cards, take steps to protect your customers and your reputation.[/box]

Small businesses are also susceptible to credit card fraud

Don’t think that hackers are specifically targeting the Targets of the world because they get a bigger payoff.  It costs them nothing to infect small businesses, so they do.  In fact, the Secret Service is reporting that more than 1,000 American businesses were infected by the same malware that got Target, and that report was released a month ago.  Given the typical growth patterns for viruses, I’m sure you can imagine what that number is today.

So if you accept credit cards from your customers, consider yourself a target and take steps to protect yourself.

5 steps you can take to help secure your company from similar data breaches

  1. Protect Against Malware

    These days, there are so many ways to infect a computer. You need a multi-layered approach to malware protection.  First, start with endpoint protection.  This should include antivirus and anti-spyware software on all computers.  Second, protect your entire network by using a content filter that scans all traffic in and out of the network for malware.

  2. Isolate Financial Computers –

    Ideally, Point of Sale computers will never need to get onto the general internet.  They will need to contact your credit card company, your PoS software company, and that’s it.  If this is the case, you can create special firewall rules that block all traffic from PoS computers that isn’t going to one of those two destinations.  That way, even if your PoS computers do get infected, they can’t phone home with the stolen credit card data.

  3. Network Security Best Practices

    No matter what business you are in, your company should be following general network security best practices.  Your IT support provider should be doing regular checks to ensure all of your computers, remote computers, networking equipment, and public-facing services are configured optimally for security.  (And they should be doing this as part of their service, even if you aren’t asking for it.)

  4. Upgrade PoS devices

    Magnetic strips on credit cards have inherent security flaws.  Anyone can read a magnetic strip, save that data, and sell it on the black market.  And anyone who buys that data can create fake credit cards.  Credit card fraud is widespread, but the credit card industry is moving quickly to put smart chips in all credit cards.  These chips have their own security flaws, but one of the big advantages is that they are very difficult to duplicate.  So even if thieves steal the data from the cards, it won’t do the thieves any good because they can’t use it. As of October 2015, the credit card industry has mandated that all businesses must upgrade their PoS machines and card swipes.  Do this sooner than later to protect your customers.  As an added incentive, if you haven’t upgraded and someone’s card data is stolen from you, they will place all of the liability on you for not upgrading.

  5. Get a PCI-DSS Audit

    Hire a company to come in and perform an audit to make sure you are PCI compliant.  (PCI-DSS stands for Payment Card Industry Data Security Standard.)  They will go through your setup and make sure you are compliant with a minimum set of security standards and that you are handling customer’s data securely.  But this is a minimum standard; both Target and Home Depot were PCI compliant.  Think of this audit as table stakes to play the credit card game, not as a panacea to fix all security problems.

Credit card security is an issue your company must address. For help securing your network to minimize any risk of you being the next Target, please give us a call. We would be happy to discuss how Strive Technology Consulting can help you avoid credit card breaches within your company.

Bad Microsoft Updates Causing Blue Screen Crashes

Microsoft releases updates to fix bugs once a month.  Last week, they released a lot of updates, 3 of which are causing computers to crash and blue screen after a reboot.  Microsoft references three of these updates with their support article ID numbers. The numbers are are KB2982791, KB2976897, and KB2970228.

If your computers are set to use automatic updates, it may have already installed them.  It is an intermittent problem, therefore you may not have seen it cause problems yet.  See articles here and here for more information and a description of the problem.

If you are one of our Managed Services customers and you’ve installed our management software on your computers, you don’t have to worry about this. You will not be receiving these updates.  If not, please follow the instructions below to uninstall these updates.

Finally, if you are already experiencing this problem and your computer won’t turn on, have your IT provider boot the computer with an external “boot CD.” Then delete the C:\Windows\System32\FNTCACHE.DAT file.  That should allow the computer to boot, after which you can remove these updates.

Please contact us if you:

  • Do not have an IT provider
  • Need help removing these updates
  • Would like to hear about our Managed Services program, which will keep you from having problems like this.

Step by step instructions on how to uninstall an update

1.  Go into your Control Panel and open Programs and Features

2. Click “View installed updates”

Your computer will show you which updates installed, rather than which software programs.

 

 3. Type one of the three article numbers into the search box

The article numbers are KB2982791, KB2976897, and KB2970228.  You will see that the article ID in the example image below does not match one of the these.  I have not installed these updates on my computer, so I cannot give you true example screenshots of what it will look like.  In place of these articles ID’s, I used “KB2826003,” which is a benign Office update.  Ignore the number in the image and replace it with each of the three above.

 

4. Make sure the article ID you searched for is in the title of the update.

Highlight that update, and click the Uninstall button.  Follow the wizard and accept all prompts.

 

 

 

21 Ways to Avoid Identity Theft

We have all heard the news about a billion passwords being stolen by Russian hackers, and Target exposing millions of customer credit cards.  I invited Peggy Altschuler of LegalShield as a guest author for this month’s article to help clear up what identity theft is, what we can do about it, and how we can protect ourselves.


Think you’re not at risk?  Think again!

Identity theft is the world’s largest white collar crime

It has even surpassed drug trafficking by trade.  All day, every day, identities are being bought and sold on the black market non-stop.  According to the FTC, one in two will be affected with one of the six types of identity theft in the next twelve months.

What are the six types of identity theft, you ask?

 

  • Financial
  • Medical
  • Criminal
  • Social Security
  • Driver’s License
  • Synthetic

Unfortunately, most people have a misconception that identity theft is all financial.  Countless times individuals have told me, “Let them steal my identity, my credit stinks,” or “An identity thief wouldn’t want mine. I don’t have any money.”  When that occurs, I ask them for a few minutes of their time to explain the six different types of identity theft and how it could affect their life.  The nightmare can go on for years.

Are you aware that social security numbers can be purchased for as low as $15.00?  Did you know that identity “packages” are available that include driver’s licenses, marriage certificates, fake diplomas, etc.?  Unfortunately, technology has so far surpassed the security of it that identity theft is out of control.

People often ask me how they can prevent identity theft from happening to them.  Unfortunately, we can not prevent it.  All we can do is take pro-active steps to make us less susceptible to being the next victim.  The real key is what identity theft protection measures you have in place when it happens to you.

What to look for in identity protection

When looking for protection, make sure that your plan includes full restoration.  This simply means that a professional is working on your behalf to restore it back to the way it was originally, no matter how long it takes.  With the most expensive part of identity theft being the time spent to recover, this is the number one thing to look for in an identity theft protection program.

Everyone is vulnerable, young and old alike.  Even the deceased have their information being used.   Education is key.  Know what can happen to you and put a plan in place to help you manage it not if, but when it happens to you and your family.

As far as things you can do to help protect yourself and your family, follow this list of suggestions below.

Top 21 Ways to Avoid Identity Theft

  1. Subscribe to a reputable credit monitoring company that not only monitors your credit on an ongoing, 24 hour, 7 day/week basis, but also provides RESTORATION (not resolution or reimbursement) and attorney access when you are a victim.
  2. Cross-cut shred all junk mail/documents with personal information on them before throwing them away.
  3. Mail all outgoing mail from a secure location such as an official United States Post Office box.
  4. Never give your personal information out to anyone unless you initiate the contact.  Be aware of phishing, smishing, and pharming.
  5. When making online purchases, make sure that you are on a secure website.  It will have an “s” after the http (ie:  https://)  Use a separate credit card with a low limit for online purchases.  Using your debit card gives easier access to your bank account where your daily living expense money is more readily available.
  6. Copy the contents of your purse/wallet and keep in a safe place.
  7. Don’t just sign the back of your credit cards.  Specify “Photo ID Required” or “Please see ID” with your signature.
  8. Never carry your social security card in your wallet/purse and have your social security number removed from your driver’s license.
  9. Check your bank and credit card statements regularly.
  10. Keep your blank checks in a secure location.  When ordering new checks, have them mailed to your bank (not your home).  Use your first and middle initials with your last name and your cell phone number vs. your home phone.  Don’t carry your checkbook unless you know you will need it that day.
  11. When writing checks, use a felt tip marker or gel pen.  Do not use a ballpoint pen.  Ballpoint pen ink can easily be “washed”.
  12. Ladies, hold onto your purse while shopping.  Never leave it in the cart unattended.
  13. Take your trash to the curb the morning of, not the night before.  At the curb, it becomes public property.
  14. When doing anything financial online be sure to use a secure online connection in lieu of wireless (in public places).
  15. Opt out of credit card offers at 1-888-5-OPTOUT or online at http://www.optoutprescreen.com.  This won’t stop all offers completely, but will definitely slow them down.
  16. Keep your computer firewall and virus protection updated.
  17. Use at least 8 digit passwords with a combination of letters and numbers on your accounts
  18. Make it a household rule that the first family member home gets the mail.
  19. If you opt to freeze your credit, then understand that it makes it very difficult for you to make large purchases, open accounts, etc.  You have some choices as to the length of time you choose (90 days – long term).
  20. If your credit card has an RFID chip in it, then be sure to carry it in a security sleeve (you can find these at travel stores) or wrap in foil.
  21. Make your credit/debit card company and financial institution aware if you plan to travel.

If you would like to speak with Peggy about identity theft protection and insurance, contact her at 720-280-1068 and visit her website at http://www.peggyalt.com.

5 Ways to Keep Your Computer Running Fast

“Why is my computer so slow?”  How many times have we asked ourselves that?  It is widely considered an unfortunate fact of life that computers will slow down and eventually die, like an old person, or a battery running out of juice at the end of it’s life.  But I am here with happy news: it doesn’t have to be that way! Keep your computer running fast with the following tips.

Happy News: Computers don’t have to slow down!

 

5 ways to keep your computer running fast

  1. Reboot your computer

    It’s such a common answer that it has become comical.  Users wonder why helpdesk people always tell them reboot.  Helpdesk people wonder why users never reboot, even though they’re always telling them to.  Here’s the secret: Rebooting is the miracle cure for Windows woes.  As you may have realized by now, Microsoft software is not always the most stable, best written software imaginable.  You turn on programs and turn them off, open and close files, make changes, undo, redo, etc.  All of the normal things that people do leads to A LOT of processing on the back end.  Sometimes, the people who write the software don’t always clean up after themselves like they should.  Sometimes bugs creep in and get worse as time goes on.  But 90% of all speed problems can be fixed by rebooting.*  It’s like giving your computer a fresh start.  Have you ever performed a task that had so many working pieces you lost track of where you were and had to start from scratch just do to anything at all?  Computers feel that way, too, sometimes.  Reboot once a week or more to keep your computer running fast.

  2. Delete Temporary Files

    As programs go about their business, they generate a lot of data that they only need for a few minutes.  They store this data in temporary files they are supposed to delete later… but often don’t.  People can have hundreds or thousands of these files that are taking up space and slowing down the computer.  So, do yourself a favor to keep a clean computer: every few months, delete all of these temp files immediately after you turn your computer on.  These temp folders are typically stored in 3 locations: C:\temp and C:\Windows\Temp are the easy ones.  The third one is different depending on what version of Windows you’re using and username.  The easy to get to it is to click Start (or Start > Run if you prefer) and type in %temp%.  That’s a percent sign, the word “temp” and another percent sign.  This will take you right to the third folder.  Unless you are specifically saving things here (and don’t do that), deleting everything is generally safe.

  3. Delete Internet Cache

    Your web browser knows 3 things about speed: 1) Most webpages don’t change very often; 2) You go to the same pages over and over; 3) Retrieving data from your own computer is far faster than downloading it over the internet.  Combine all of these things, and you get “caching.”  The webpages you browse the most probably don’t change much and you can see them quicker if they are saved on your computer.  So your browser downloads the websites you go to and stores them on your computer.  This is called “cache,” or “browsing history,” or “temporary internet files.”  But your computer is a glutton, and doesn’t know when to stop.  So it downloads EVERYTHING you see, not just the important stuff.  And then it has to scan everything it has downloaded before getting it from the internet.  If you don’t clear your internet cache occasionally, web browsing will be slower and slower.  All browsers have a way of clearing this cache in their settings.  Do this once a week for a clean computer.

  4. Disable Startup Items

    Most computers that come from manufacturers like Dell and HP have dozens of programs that run behind your back when you turn the computer on.  Most people never use any of these programs, so they are needlessly taking up your computer’s resources.  And the more software you install, the more things get scheduled to run when you turn your computer on.  Remember, you want to keep your computer running fast! Disabling unnecessary startup items can boost your computer’s speed a great deal.  There are many tools out there that can help you do this.  But be careful with this tip, because sometimes you do want things running on startup.  I have generally found it safe to download Autoruns from Microsoft’s website and uncheck everything in the “Logon” tab.  But this is best done with a professional, or someone who knows what all of the startup items really do.

  5. Get a Good Antivirus Program

    The surest way to make your computer slow down is to get a virus or malware.  Everyone knows to have an antivirus program on their computer, but there’s a rub.  All AV programs can look through your computer and find viruses that are already on there.  The tricky part is catching the viruses before they infect you.  Most programs do this by hooking deeply into the operating system, watching everything that happens on the computer, and then approving/disapproving it.  This can really slow down a computer, and some antivirus programs slow your computer down much more than others.  In my experience Norton’s products cause far more problems than they solve, slowing down computers in particular.  So absolutely get a good antivirus product, as well as a good anti-malware product, but look at reviews or ask your IT company which ones they recommend for minimizing user interference.

That’s it.  if you do these 5 things regularly, you’ll keep your computer running fast forever and you will be more productive. No more asking yourself, “why is my computer so slow?”

One last thing: notice I didn’t say, “Defrag your hard drive and delete your cookies.”  I don’t know where this myth came from, but it’s thoroughly unhelpful.  Your computer will have 1000 times as much data saved in internet cache than in cookies.*  And defragmenting your hard drive could be helpful, but it’s more of a last resort for speeding up your PC.  And it’s done automatically these days.  Stick to these 5 and your computing life will be far happier.

 

 

* I completely made up these statistics, so don’t quote me on them.  But they paint the right picture, so believe them.  🙂

 

4 Ways to Increase Your Wireless Internet Speed

What Happened To My Fast Internet?

We’ve all had that problem: you sit down, motivated for the day and ready to get everything done…. and you can’t connect to the internet.  The wifi is broken again. Everyone has problems with wireless internet speed, both at home and at work. Typical fixes include: “wait for it to get better,” or “reboot the stupid thing again.”  Here, we present 4 things you can do to make your wireless network better so this won’t be a problem in your life.

1.  Don’t Use Wifi

That’s right, we said it.  Don’t use wifi!  True, this is a bit of a strange suggestion, given the focus of this article, but hear us out (and then move on to more poignant tips).  What we will be discussing below are all the problems with wireless internet speed and how to get around them.  But the fact remains: wifi has a lot of problems. Interference, technology limitations, encryption keys, the list goes on and on.

Wired connections have none of these problems.  In terms of a fast internet connection, plugging your computer in to a network with a cable is better in every way, except portability.  Wired connections are faster, more secure, more stable, and less likely to give you problems than a wifi connection by an order of magnitude.  The only downside is you are limited to where you can move and you have a cable sticking out of your laptop.  But you probably have a power cable and mouse cable sticking out of your laptop already, so one more isn’t a big deal.  Plus, how often do you really browse the web while walking your laptop around the office?

2. Place Your Equipment Properly

Where you put your wireless router or access point can greatly affect how well you can connect to it.  Have you ever noticed your cell phone always cuts out in the same spot in your house?  That’s probably because the signal can’t get from the tower to your phone any longer because of what’s in the way.  The same thing happens to wifi.  If your wireless router or access point is next sitting in a cement room with 3 foot thick walls, it is pretty obvious that the signal won’t get out very well.  Keep the following guidelines, provided by  Cisco, in mind when anticipating how far your signal will go through different building materials:

  • Paper and vinyl walls have very little affect on signal penetration.
  • Solid and pre-cast concrete walls limit signal penetration to one or two walls without degrading coverage.
  • Concrete and wood block walls limit signal penetration to three or four walls.
  • A signal can penetrate five or six walls constructed of drywall or wood.
  • A thick metal wall causes signals to reflect off, causing poor penetration.
  • A chain link fence or wire mesh spaced between 1 and 1 1/2 in. (2.5 and 3.8 cm) acts as a harmonic reflector that blocks a 2.4-Ghz radio signal.

Also, avoid placing your wireless equipment next to windows, filing cabinets, HVAC ducts, and other metal surfaces, as they can bounce the signal in unexpected ways.  And keep them away from devices that cause interference (see below), regardless of the material.  The higher you can place your wireless router, the better the internet speed.  Definitely above furniture level, on the ceiling is great.  Finally, position the antenna vertically for best signal strength.

3. Avoid Interference

The biggest problem with internet speed is when other wireless signals get in the way.  If you are in an office building with 15 other companies within wireless range of you, then your wireless device is competing with at least 15 other devices, all trying to send data over the same spectrum.  But wireless manufacturers know this is how life is, so they do a good job at designing their products to work in crowded environments like that.  The more difficult problem is other non-wifi devices that are using the same spectrum.  Most wifi uses the 2.4 GHz spectrum range.  So do baby monitors.  So do cordless phones.  Here is a list of some common non-wifi devices that can all interfere with your wireless internet speed and access:

  • Microwave ovens
  • Cordless phones
  • Bluetooth devices
  • Wireless video cameras
  • Outdoor microwave links
  • Wireless game controllers
  • Zigbee devices
  • Fluorescent lights
  • WiMAX
  • Baby monitors

So, what can you do to avoid all of these problems with wifi speed?  First, have a wireless policy for your office.  Tell your employees they can have video game consoles in their office, but they cannot have wireless controllers.  Encourage people to avoid using Bluetooth when alternatives exist.

Next, carefully consider proper device placement for your networking equipment.  In addition to the tips given above, don’t put your wireless equipment next to the microwave in the kitchen, or on top of a fluorescent light in the ceiling.

When setting up your wireless network, choose your channels carefully.  Look to see what your neighbors are using for wifi channels, and choose one that is used less.  Channels 1, 6, and 11 are best.

Finally, use the 5 GHz spectrum for wireless communication.  Most wireless these days, as well as much of the interference, is on the 2.4 GHz band.  Newer wireless devices can offer the same wireless service on a different spectrum, 5 GHz, which has much less traffic, interference, and noise.  As more people realize this trick, they will move there as well so it will only work for so long.  But even if everyone moves there, it will still have less interference from other non-wifi devices.

4. Buy the Right Equipment

You can go down to your local Radio Shack or Best Buy and pick up a wireless router for $60.  If it works for your home, it should work for your business, right?  Wrong.  Anyone who has read our article on buying a new PC will recognize the flaw in this logic.  Manufacturers tend to build products with two different markets in mind: home and business.  The equipment they produce for the business market tends to be very stable, high end, is expected to work all the time in varied conditions, and is more expensive.

The equipment they produce for the home market is less expensive, but is typically built with lower quality components, has fewer features, and they know that it doesn’t need to work 100% of the time because it’s just some dude at home using it and he can reboot it regularly or go replace it for another $60 in a year if it breaks.

One of the biggest problems businesses have with wifi speed is that they are using home class devices.  In order to have wireless available, stable, and running optimally all the time, businesses need to invest in a business class wireless network.  Business devices will communicate with each other better than home devices, allowing fast internet from one end of the office to the other without losing connection.

Many people try to solve their wireless problems by putting a wifi device in every room; this is a bad idea.  This can lead to more interference, even if they are all part of the same network.  Business class wifi devices will coordinate with each other how strong of a signal they need to broadcast to cover all areas, thus creating less interference.

Next, get a device that can handle 2.4 GHz and 5 GHz.   As we saw above, 5 GHz is a more open spectrum with fewer devices on it and less interference.  But not all computers, tablets, phones, etc. can access 5 GHz, so you will still need to provide 2.4 GHz access.  Find a device that can do both of these simultaneously, as some claim can do both but cannot actually do both at the same time.

Finally, know the difference between a wireless router and a wireless access point.  An access point provides wireless access to an existing network.  This is what most businesses will want in most situations.  A router creates a new network, segregating people on it from all other network traffic.  These are more common at retail stores and will cause communication problems between computers if you put this on your network.

Questions?

Having questions about your wireless internet speed now and aren’t sure what to do?  Does fast internet seem like an unachievable dream to you at this point? Please ask any questions in the comments section below, we would be happy to answer.

 

 

Security Alert: Many Secure Websites Found Vulnerable

On April 7th, the computer security community had its hair set on fire with an announcement of a new website security vulnerability called the Heartbleed bug.

This is not a technical article, but the broad strokes are important to understand.  Secure websites are protected by a technology called SSL.  Nearly 18% of the websites out there are (or were) running a version of SSL that contained a bug.  This bug allowed attackers to decrypt any information passed to or from the website.  So, for instance, if you were doing online banking with a company that was susceptible to this, if someone could watch of capture your website traffic, they could then decrypt that traffic and read what they wanted.  This may include usernames, passwords, bank account numbers and any other information that you read from, or passed to, that server.  This vulnerability popped up over 2 years ago, so it has been “in the wild” for long enough to be a strong concern.

The total number of websites affected by this bug is estimated at about half a million, including Yahoo!, OK Cupid, Dropbox, Flickr, and Twitter, Tumblr, and Regents bank

[learn_more caption=”Click here for technical details”] The Heartbleed bug affects OpenSSL versions 1.0.1 through 1.0.1f and was introduced in December, 2011.  The vulnerability was introduced with the inclusion of a heartbeat extension. If exploited, the bug will leak a random 64KB chunk of memory from the server.  It can be run multiple times, eventually finding the SSL private key– a.k.a. the keys to the cryptographic kingdom.  This is a non-intrusive exploit, so there is no way to detect whether a server has been compromised or not. Go to http://heartbleed.com for a detailed analysis and thorough FAQ.[/learn_more]

Does this affect my company’s website?

If your website does not offer encryption, then you do not need to worry.  Put another way, if you cannot get to your website by putting “HTTPS://” in front, then you do not need to worry.  If you do offer encryption of your website, then beware.  Here are the steps you need to take to protect your website security:

  1. Test your websiteGo here for a free test. It will grade your SSL security, and tell you if your site is vulnerable to the Heartbleed bug.
  2. If you find your site does have this vulnerability, fix it immediately!  If your website is hosted by a major company, call them and demand they fix it.  The bottom of this page has a list of web server vendors and their instructions on how to fix the problem.
  3. Once fixed, generate new encryption keys and revoke your old ones.  Update your website so you are only using the new keys.  Do this whether you think you’re safe or not.
  4. Alert your users and request or force them to change their passwords on your site.  Alert them of the risk to personally identifiable information.

Does this affect me?

There is a good chance that the answer to this question is YES.  This is a very serious bug that has been exploitable for over two years, so put this in the “better safe than sorry” category.  The better websites out there will be alerting their users about this issue, but don’t trust them to be proactive.  Take the following steps yourself to ensure your protection.

  1. Test the websiteGo here for a free test.  Test your online banking website, your credit card website, your online dating site, anything where you have to put in a username and password and where you keep important information.
  2. If it is vulnerable, don’t log in.  Wait until they have fixed the problem.  Keep an eye on their blog or Twitter feeds for updates.  Or call them and ask.
  3. Once they have fixed the problem, change your password.  See our article on what makes a good password, and how to create strong passwords that are easy to remember.  If you have used this password anywhere else, change it everywhere.  Consider it compromised.
  4. Think about other services that use encryption, not just websites, such as email and instant messaging. All of these use SSL encryption and it is not as easy to test those on your own.  Call your vendors and ask if this bug has affected them.  I have already contact our hosted Exchange provider and confirmed they are not susceptible to this, not should most Exchange providers.  But if you use POP or IMAP email, strongly consider contacting your email provider and confirming.

Check back soon

We will be keeping a close eye on this over the next few days and updating this blog post with any new information.  Please check back for updates.  If you are concerned about something and are not sure what to do, contact us or leave a comment below and we will respond promptly.

UPDATE – APR 10Here is another good site to check if a site is now, or was previously, vulnerable to this.  And if you don’t have the time or inclination to do the work for yourself, check out this site, which has a list of the most popular sites on the web and whether they were vulnerable.

UPDATE – APR 10: According to ZDNet, Google, Amazon Web Services, and Centurylink were all susceptible to this bug.  There is also some evidence that this bug was actually used and exploited several months ago, before it was known about publicly.  Security researchers are calling this an 11 on a scale of 1-10.  I don’t want to cry wolf here and tell you that everything you have done in the last two years is in the public domain now, I’m quite certain that’s not the case.  But do change your passwords everywhere.  You know you should be doing it anyway.  There is no better time or excuse than this.